Wednesday, January 9, 2013

SharePoint 2010: Errors while creating AD Sync connection on User Profile Service Application

In this blog we are going to see few common errors which we encounter while creating an AD Sync Connection in User Profile Service Application (UPA) and possible fix

Errors:"Unable to process create message" and "Unable to process put message"
Possible Fix:
  1. Stop UPSS (User Profile Sync Service)
  2. Make the following change on the App SharePoint Server
  3. Click Start --> Run --> GPEdit.msc \ Computer Configuration \ Windows \ Security Settings \ Local policies \ Security Options \ "Network security: LDAP client signing requirements", set the parameter value on "None"
         (by default it will set to 'Negotiate Signing', details can be found on 'Explain' tab)
  4. Run "gpupdate /force" without quotes on command prompt
  5. Restart UPSS

And now you should be able to create the AD Sync connection successfully.

Error: "MOSS MA not found"
Possible fix: There could be many reasons on why this can come and this can be tricky to fix, in most of cases I usually try the following to fix this error:

  1. Stop UPSS
  2. Go to 'Manage Service Applications' page, select the User Profile Service Application and click 'Permissions' in the ribbon
  3. If you see the Farm Admin or the Service Account in here, remove and re-add with Full Control
  4. Once saved, now select 'Administrators' in the ribbon and do the same
  5. Restart UPSS, you should ideally be able to create a new AD Sync connection successfully.

This plan might sound silly, however this has helped me fix many of the cases!

Enjoy SharePointing!

Total Pageviews